General discussion

  • Creator
    Topic
  • #2291610

    2 Networks

    Locked

    by curacao_dejavu ·

    This is my first experience with 2 networks and I would like to have your input on this.

    On the lan side 192.168.30.x whch has pc’s and printers.
    On the dmz side 192.168.40.x containing the AD, exchange and 2 Terminal Servers (TS).
    There is also a router that connects the 2 networks.

    a: I am able to ping from one network to the other.
    b: I am not able to access shared resources of a network from the other network. (can you explain why ?)
    c: I have try yet if a pc can join the domain and AD from the 30.x network.
    (I am not sure if this will work)

    items b and c are the most important to me at the moment.

    Is there a way that I can make this work ?

    Also if this does not work I want to go back to a flat network.
    but then I have one more item too consider.
    Some of the pc’s need to make vpn connections to the internet. Currently I am using winroute 5 for this, but If I add a hardware firewall in front of winroute (pc-winroute-hw firewall) will they still be able to make the vpn connections ?

    Regards

    Leopold

    the more input I receive the better.

All Comments

  • Author
    Replies
    • #3344900

      Reply To: 2 Networks

      by curacao_dejavu ·

      In reply to 2 Networks

      Point value changed by question poster.

    • #3344688

      Reply To: 2 Networks

      by razz2 ·

      In reply to 2 Networks

      Some extra info would help with the answer. Then I will guess after this:

      What are the subnet masks being used for both subnets?

      What is the router and is it just a router or some router/firewall with a DMZ port (I am guessing NOT a firewall since you use Winroute)?

      Why are you putting AD in a DMZ!?!

      That said, I would guess you are pinging by ip but trying to access resource shares by name. Try access to a resource by ip:

      On a PC in subnet 1 try using start menu –> run:

      Type “\\ServerIpAddress\ShareName\” (without the quotes)

      If that opens the folder then the issue is name resolution. What are the PC’s using for DNS? Is the DNS server internal and does it have both subnets? If that is it then fix DNS name resolution and joining AD will not be a proplem.

      The VPN is not an issue as any good firewall would allow you VPN passthrough and if not the ability to open needed ports.

      Good Luck,

      razz

    • #3344518

      Reply To: 2 Networks

      by curacao_dejavu ·

      In reply to 2 Networks

      both subnets are 255.255.255.0

      the firewall is a hardware firewall

      exchange needs the AD in the same segment, so that;s the reason they are both together.

      it does not matter if I try to access the resource by ip or by name, i can not connect anyway.

      for the moment the pc’s are using a outside dns server to resolve external ip adress (in order to browse).

      Leopold

    • #3325938

      Reply To: 2 Networks

      by keebmachine ·

      In reply to 2 Networks

      Make sure that you have the correct ports open on the router so that the message traffic can flow to and from the client computers and servers.
      Please click the link below for further explanation.

      http://support.microsoft.com/kb/298804

      • #3325935

        Reply To: 2 Networks

        by curacao_dejavu ·

        In reply to Reply To: 2 Networks

        The ports are open, I have a kb artickle with all ports that the windows system uses for all the services.

    • #3327397

      Reply To: 2 Networks

      by curacao_dejavu ·

      In reply to 2 Networks

      This question was closed by the author

Viewing 4 reply threads